Governance & Risk Management , Privacy
France Fines Microsoft Ireland 60M Euros Over Bing CookiesFrench Authority Says Microsoft Search Engine Violated Data Protection Practices
The French privacy watchdog levied a fine of 60 million euros against Microsoft Ireland for misleading cookie policies that it says violated the country's privacy laws.
See Also: LIVE Webinar | Stop, Drop (a Table) & Roll: An SQL Highlight Discussion
An investigation launched by the Commission Nationale de l'Informatique et des Libertes - known as CNIL - found Microsoft's Bing search engine deployed advertising cookies on its users' browsers without their consent.
The investigation also revealed Bing had mechanisms in place to allow users to refuse the cookies, and that the company deliberately designed its refusal mechanism in a way that makes it easier for the users to accept cookies than to refuse them.
In doing so, Microsoft violated the freedom of consent of internet users stipulated under the French Data Protection Act, according to the CNIL.
"As a result, the CNIL body responsible for issuing sanctions fined Microsoft Ireland €60 million," the agency said. "It justified this amount by the scope of the processing, the number of data subjects and the profits the company made from advertising profits indirectly generated from the data collected via cookies."
CNIL gave Microsoft a deadline of three months to collect the consent of the French users of Bing before it will be allowed to deploy the advertising cookies again. Any noncompliance would invoke a further penalty of 60,000 euros per day.
Previously, the agency fined Facebook 60 million euros for not allowing users to refuse tracking cookies. Last month, the French data protection authority fined video streaming platform Discord 800,000 euros for data protection practices that failed to comply with the General Data Protection Regulation (see: Discord Fined by French CNIL for GDPR Violations ).